How To Configure Oracle BI Publisher to Authenticate With Active Directory

  • Log in to BI Publisher as an administrator.
  • Click on the Admin tab.
  • Click on Security Configuration.
  • For Security Model, choose LDAP and enter the following parameters:
    Setting Example Value
    URL ldap:// Your company’s LDAP server and port.
    Administrator Username CN=ADMIN,OU=Users,OU=Shared Services,DC=mycompany,DC=com The fully qualified DN of the account you use to sign in to LDAP.
    Administrator Password myxlplyx The password for the above account.
    Distinguished Name for Users DC=mycompany,DC=com The “root” level at which to search for users.
    Distinguished Name for Groups OU=Global Groups,DC=mycompany,DC=com The “root” level at which to search from groups.
    Group Search Filter (&(objectClass=group)(
    Group Attribute Name cn
    Group Member Attribute Name member
    Member Of Group Attribute Name
    Group Description Attribute Name description
    JNDI Context Factory Class com.sun.jndi.ldap.LdapCtxFactory
    Group Retrieval Page Size
    attribute used for RDN sAMAccountName Allows users to log in to BI Publisher using their corporate AD account name.
    Automatically clear LDAP cache Checked
    Ldap Cache Interval 1
    Ldap Cache Interval Unit Hour
    Default User Group Name
    Attribute Names for Data Query Bind Variables
  • Bounce BI Publisher.
  • Try logging in with your corporate AD credentials. Remember, you need to be assigned to one of the following special groups in Active Directory if you want developer or admin privileges in BI Publisher:


You can read more about those roles and what they do in the Oracle Documentation.